On 12/03/2019 22:39, Tony Krowiak wrote:
On 3/3/19 9:09 PM, Halil Pasic wrote:
On Fri, 22 Feb 2019 16:29:56 +0100
Pierre Morel <pmorel@xxxxxxxxxxxxx> wrote:
We need to associate the ap_vfio_queue, which will hold the
per queue information for interrupt with a matrix mediated device
which hold the configuration and the way to the CRYCB.
[..]
+static int vfio_ap_get_all_domains(struct ap_matrix_mdev
*matrix_mdev, int apid)
+{
+ int apqi, apqn;
+ int ret = 0;
+ struct vfio_ap_queue *q;
+ struct list_head q_list;
+
+ INIT_LIST_HEAD(&q_list);
+
+ for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, AP_DOMAINS) {
+ apqn = AP_MKQID(apid, apqi);
+ q = vfio_ap_get_queue(apqn, &matrix_dev->free_list);
+ if (!q) {
+ ret = -EADDRNOTAVAIL;
+ goto rewind;
+ }
+ if (q->matrix_mdev) {
+ ret = -EADDRINUSE;
You tried to get the q from matrix_dev->free_list thus modulo races
q->matrix_mdev should be 0. This change breaks the error codes in a
sense that it becomes impossible to provoke EADDRINUSE (the proper
error code for taken by another matrix_mdev).
It is necessary to determine if the queue is in use by another mdev, so
it will still be necessary to traverse all of the matrix_mdev structs to
see if q is in matrix_mdev->qlist. It seems that maintaining the qlist
does not buy us much.
Tony, Halil already pointed out this issue and I already answered.
Please, no need to duplicate the remarks.
Pierre
--
Pierre Morel
Linux/KVM/QEMU in Böblingen - Germany
